Move most of configurations to roles

2021-06-25 15:57:27 +00:00 · 2021-06-25 15:57:27 +00:00 · cc04ed028d
commit cc04ed028d
parent 25fb532e90
3 changed files with 13 additions and 154 deletions
--- a/.gitmodules
+++ b/.gitmodules
@ -0,0 +1,3 @@
+[submodule "roles"]
+	path = roles
+	url = https://git.foo.sh/ansible-software.git
--- a/deploy.yml
+++ b/deploy.yml
@ -6,6 +6,15 @@
  become: true
  become_method: sudo

+  roles:
+  - cups
+  - git
+  - google-chrome
+  - kerberos
+  - ldap
+  - mutt
+  - spotify
+ 
  tasks:
  - name: "remove unneeded packages"
    package:
@ -27,157 +36,3 @@
      path: /etc/default/grub
      regexp: "^GRUB_TIMEOUT="
      state: absent
-
-  - name: "enable google chrome repository"
-    yum_repository:
-      name: google-chrome
-      baseurl: http://dl.google.com/linux/chrome/rpm/stable/x86_64
-      description: Google Chrome
-      gpgcheck: true
-      gpgkey: https://dl.google.com/linux/linux_signing_key.pub
-      enabled: true
-  - name: "install google chrome"
-    package:
-      name: google-chrome
-      state: present
-  - name: "create google chrome policy directories"
-    file:
-      path: "{{ item }}"
-      state: directory
-      mode: 0755
-      owner: root
-      group: root
-    with_items:
-      - /etc/opt/chrome/policies/managed
-      - /etc/opt/chrome/policies/recommended
-  - name: "install google chrome managed settings"
-    copy:
-      dest: /etc/opt/chrome/policies/managed/defaults.json
-      content: |
-        {
-          "HomepageLocation": "https://www.foo.sh",
-          "PasswordManagerEnabled": false,
-        }
-      mode: 0644
-      owner: root
-      group: root
-  - name: "install google chrome recommended settings"
-    copy:
-      dest: /etc/opt/chrome/policies/recommended/defaults.json
-      content: |
-        {
-          "RestoreOnStartup": 1,
-          "ImportHistory": false
-        }
-      mode: 0644
-      owner: root
-      group: root
-
-  - name: "enable spotify repository"
-    yum_repository:
-      name: spotify
-      baseurl: https://negativo17.org/repos/spotify/fedora-$releasever/x86_64/
-      description: Spotify
-      gpgcheck: true
-      gpgkey: https://negativo17.org/repos/RPM-GPG-KEY-slaanesh
-      enabled: true
-  - name: "install spotify"
-    package:
-      name: spotify
-      state: present
-
-  - name: "install generic tools"
-    package:
-      name: "{{ item }}"
-      state: present
-    with_items:
-      - dia
-      - elinks
-      - geteltorito
-      - gimp
-      - krb5-workstation
-      - mutt
-      - openldap-clients
-      - setroubleshoot
-      - thunderbird
-
-  - name: "install extra packages for development"
-    package:
-      name: "{{ item }}"
-      state: present
-    with_items:
-      - black
-      - emacs
-      - htop
-      - iftop
-      - iotop
-      - python3-ansible-lint
-      - ShellCheck
-      - strace
-      - yamllint
-      - vim-enhanced
-      - wireshark
-
-  - name: "install virtualization packages"
-    package:
-      name: "{{ item }}"
-      state: present
-    with_items:
-      - libvirt
-      - podman
-      - virt-install
-      - virt-manager
-
-  - name: configure libvirtd socket permissions
-    lineinfile:
-      path: /etc/libvirt/libvirtd.conf
-      regexp: "^#?unix_sock_group = .*"
-      line: 'unix_sock_group = "wheel"'
-
-  - name: enable libvirtd service
-    service:
-      name: libvirtd
-      enabled: true
-      state: started
-
-  - name: "configure mutt"
-    copy:
-      dest: /etc/Muttrc.local
-      content: |
-        set use_8bitmime
-        set hostname=foo.sh
-        set imap_authenticators="gssapi:plain"
-        set spoolfile=imaps://${USER}@mail.foo.sh/INBOX
-        set folder=imaps://${USER}@mail.foo.sh
-      mode: 0644
-      owner: root
-      group: root
-
-  - name: "configure ldap client"
-    copy:
-      dest: /etc/openldap/ldap.conf
-      content: |
-        BASE dc=foo,dc=sh
-        URI ldaps://ldap.foo.sh
-      mode: 0644
-      owner: root
-      group: root
-
-  - name: "configure kerberos client"
-    copy:
-      dest: /etc/krb5.conf.d/foo.sh.conf
-      content: |
-        [libdefaults]
-        default_realm = FOO.SH
-
-        [domain_realm]
-        foo.sh = FOO.SH
-        .foo.sh = FOO.SH
-
-        [realms]
-        FOO.SH = {
-          kdc = https://id.foo.sh/KdcProxy
-        }
-      mode: 0644
-      owner: root
-      group: root
--- a/1
+++ b/1
@ -0,0 +1 @@
+Subproject commit fd3743f293783c9ec17fae7fd18d58b988b6fe9f
				`@ -0,0 +1 @@`
				`Subproject commit fd3743f293783c9ec17fae7fd18d58b988b6fe9f`